Privacy Policy

We do not intentionally collect sensitive information as defined in the Privacy Act. If you provide dietary or accessibility requirements when registering for an event, we treat this as sensitive information, collect it only with your consent, and use it solely to manage your attendance at that event.

We do not collect government identifiers such as tax file numbers, passport numbers or Medicare numbers.

We collect personal information directly from you when you sign up for a membership, create or update your member profile, purchase event tickets, enter the quarterly prize draw, contact us, or visit our website. We do not collect personal information from third parties without your knowledge, except as described below.

If you choose to link your LinkedIn profile to your Business Heads profile, we collect the information you make available through that connection, including your name, profile photo, job title and employer. This is optional. LinkedIn-sourced data is treated as member profile data and handled in accordance with this policy. You can disconnect LinkedIn at any time through the member platform.

We use your personal information to:

• manage your membership and provide access to member benefits;
• display your profile in the member directory to other current members;
• process payments and maintain financial records;
• administer the quarterly prize draw and notify winners;
• manage event registrations and attendance;
• send you membership communications, renewal reminders and receipts;
• send you marketing communications about Business Heads where you have consented or where it is within reasonable expectations given your membership;
• respond to your enquiries and provide support;
• improve the website and member platform; and
• comply with our legal obligations.

We will not use your personal information for any purpose incompatible with the purpose for which it was collected, unless you consent or an exception under the Privacy Act applies.

We may use de-identified, aggregated data about our membership for internal analysis and reporting. Aggregated data does not identify individual members and is not sold or shared with third parties in a form that could identify you.

We do not sell your personal information to third parties. We share your information only in the circumstances described in this section.

Your member profile is visible to other current Business Heads members through the member directory. See section 10 for details of what information is included and how you can manage your profile.

When you become a member, we share your first name, last name and email address with Rewards Gateway to create your access to the Business Heads member deals program. Once your account is created, Rewards Gateway processes your personal information, including your activity on the deals platform, under its own Privacy Policy. Business Heads notifies Rewards Gateway when your membership ends, at which point Rewards Gateway retains your data for 60 days before deletion, with order history retained for 2 years.

We encourage you to read Rewards Gateway’s Privacy Policy before using the deals platform.

If you express interest in a deal or offer made available by another member business (separate from the Rewards Gateway program), we may share your name and contact details with that member business to facilitate the connection, or you can make the connection yourself. We will notify you before any such sharing occurs. Once shared, that member business’s own privacy practices govern how they handle your information.

Personal information collected from prize draw entrants is used to administer the draw, verify eligibility and notify winners. Winner names and general location may be published in accordance with the Competition Rules. We do not use prize draw entry data for marketing purposes without your consent.

We may share attendee information with third-party event suppliers, including venue operators, to manage event attendance and logistics. Photographers or videographers may be present at Business Heads events and we will notify attendees in advance where images may be taken and used in our communications. Where a Business Heads event involves a co-host, sponsor or event partner, any sharing of attendee information with that partner will be disclosed at the time of event registration.

We share personal information with third-party service providers who assist us in operating the platform and delivering services. These providers are permitted to use your information only for the specific purpose for which it was shared. Current providers are listed in section 8.

We may disclose your personal information where required or authorised by law, including to comply with a court order, subpoena or regulatory requirement, or to protect the rights, property or safety of Business Heads, our members or others.

If Business Heads is sold, merged or transferred to another entity, your personal information may be transferred as part of that transaction. We will notify you before any such transfer and ensure the receiving entity is bound by privacy obligations consistent with this policy. If we cease to operate, member profile data will be deleted within 30 days of platform closure.

Business Heads provides access to two third-party platforms that you will use directly as a member:

Circle (community platform): The Business Heads online community is hosted on Circle’s platform. Your posts, messages, profile activity and interactions within the community are processed by Circle under Circle’s Terms of Service and Privacy Policy. Circle processes this data independently of Business Heads. Business Heads has entered into Circle’s Data Processing Agreement to govern the handling of member personal information. We encourage you to read Circle’s privacy policy at circle.so/privacy.

Rewards Gateway (member deals): Your access to and use of the Business Heads member deals program is provided through Rewards Gateway’s platform. Rewards Gateway processes your data under its own Privacy Policy. See section 6 for details of what information Business Heads shares with Rewards Gateway to create your account.

Business Heads is not responsible for the privacy practices of Circle or Rewards Gateway beyond the obligations set out in our data processing agreements with each provider.

Your member profile is visible to other current Business Heads members only through the Business Heads community on Circle’s platform. It is not visible to the general public, to former members or to individuals who are not logged in.

The following fields are required to create a member profile: first name, last name and business name. All other profile fields, including job title, LinkedIn URL, profile photo, bio, industry and location, are optional. You choose what you share.

You can update, restrict or remove information from your member profile at any time through the member platform, without needing to cancel your membership. If you need assistance, contact us at hello@businessheads.com.au and we will respond within 5 business days.

By accessing the member directory, you agree to use the information you find there only for genuine professional networking purposes. You must not use directory information to send unsolicited commercial messages to other members, copy or harvest the directory for use outside the platform, or share other members’ information with third parties without their consent. Breach of these obligations may result in suspension or cancellation of your membership. Business Heads is not liable for misuse of directory information by other members but will investigate and act on complaints.

Your profile will be removed from the member directory within 30 days of your membership ending. Contact details and transaction records will be retained for the periods in section 3, subject to your right to request deletion under section 13.

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure. Our measures include:

• secure HTTPS connections on our website and member platform;
• encryption of personal data at rest;
• access controls and two-factor authentication for administrative accounts;
• staff access to personal information limited on a need-to-know basis;
• use of reputable third-party providers, including Rewards Gateway which holds ISO 27001 certification; and
• a documented data breach response plan.

No system is completely secure. If you have concerns about the security of your information, please contact us at hello@businessheads.com.au.

If we become aware of a data breach likely to result in serious harm, we will assess it promptly and, where required under the Notifiable Data Breaches scheme, notify affected individuals and the Office of the Australian Information Commissioner (OAIC).

Where you request deletion of your personal information, we will delete or de-identify information that we are not required to retain. Please note:

• financial transaction records must be retained for 7 years in accordance with ATO requirements and cannot be deleted on request;
• where your information is held within Circle’s platform, we will request deletion on your behalf and remove your access. Circle processes deletion requests and purges backup data in accordance with its own Data Processing Agreement;
• Rewards Gateway retains order history for 2 years from the date of order and payment records for 1 year, subject to Rewards Gateway’s own retention obligations;
• information you have shared directly with other members through the platform or through member deals referrals cannot be recalled from those individuals; and
• information held by other third-party providers including Stripe is subject to those providers’ own retention policies.

We will confirm the outcome of your deletion request in writing within 30 days.